By Sridhar Namachivayan,Skybox Security
While Indians continue to deal with the demonetization of 500 and 1000 rupee notes (an unprecedented move by the Indian government in its attempt to fight “Black Money”), there is adanger lurking in the folds that may go unnoticed until it’s too late.
The demonetization will drive an increasein cashless electronic transactions. As the rupee notes are now defunct, people will turn to online payments and use of credit and debit cards, which could increase the potential for cybercrimes against financial institutions.
Banks have always been a favorite target when it came to cybercriminals, and Indian banks are particularly attractive.According to a report by Trend Micro, India ranks third after Japan and the United States in terms of the countries most affected by online banking malware.And the news of security breaches at some of the biggest banks in Indiais still fresh on the minds of security professionals and banking customers. According to the National Payments Council of India, these breaches involved fraudulent withdrawals of a reported Rs 1.3 crore from cards issued by 19 banks.
As Indian banks cope with the increased volumes of electronic transactions, they potentially become more vulnerable to cyberattacks.One way for banks to protect against an increased risk of cybercrime is tobring their entire IT infrastructure into view, enabling security teams to quickly spot the ways in which their organization’s network could be compromised.
Attack surface visualization solutions simplify this complex task by turning massive volumes of data into a simple picture. These tools enablesecurity teams toview integrated data from dozens of security and networking products – regardless ofvendor or location – and see indicators of exposure (IOEs) prioritized in the unique business context of their organization.
But how do you turn a picture into action?
Focus on the Most Critical Risks
To gain a comprehensive understanding of the risk exposure throughout their IT network, organizationsneed to consider everything from new or exposed vulnerabilities and vulnerability concentrations to risky access paths and unsecure device configurations.IOEs take these traditionallydisparate categories of risk and unite them under a common language, enabling security professionals to quickly assessthe security postureof the entire organization prioritized in the context of the business and its critical assets.
Using network modeling of IT infrastructure, attack simulation and analytics, IOEs power visual, interactive attack surface models that understand the interconnectedness of the network and how that impacts risk severity. For example, a vulnerability with a “medium” CVE score may actually be a critical risk to your organization if it sits on a crucial business application. Using the IOE approach, vulnerability management teams can better focus resources rather than chasing false positives.
Additionally, IOEs and attack surface visualization make remediation alternatives apparent. For example, changes to a firewall rule or IPS signature may more efficiently neutralize a risk than deploying a patch. This can vastly reduce incident response times when tackling a zero-day vulnerability or containing an attack.
Improve Security Management Programs
Attack surface visualization can also provide needed intelligence at the operational level. Comparative data from such solutions can identify security and network teams that should be emulated or may require more resources or training. IOE trends can also be viewed over time to track progress in combatting a specific category of risk or securing a business-critical area of the network.
In the heavily regulated financial industry, audit preparation can be greatly streamlined by utilizing the solution’s up-to-date topology maps and vulnerability documentation. It can validate corporate policy compliance, firewall and security device rules,as well asbe used as a documenting tool to see if security and compliance goals are being achieved.
These improvements and the capabilities powered by an attack surface visualization solution all point to its biggest advantage: better use of resources and greater understanding of risks. With complete visibility and context, security teams in the financial services industry can finally gain an understanding of their overall security status and have the intelligence needed to take the right action quickly. As financial institutions will surely be swarmed with increased traffic – raising the potential for increased cybercrime – this is exactly the kind of focus they need.